@freesignal/protocol 0.1.8 → 0.2.0

package/api.d.ts

@@ -0,0 +1,38 @@
+import { Crypto, LocalStorage } from "@freesignal/interfaces";
+import { KeySession } from "./double-ratchet";
+import { KeyExchange } from "./x3dh";
+import { Datagram, IdentityKeys, EncryptedData, UserId } from "./types";
+export declare class FreeSignalAPI {
+    protected readonly signKey: Crypto.KeyPair;
+    protected readonly boxKey: Crypto.KeyPair;
+    protected readonly sessions: LocalStorage<UserId, KeySession>;
+    protected readonly keyExchange: KeyExchange;
+    protected readonly users: LocalStorage<UserId, IdentityKeys>;
+    constructor(opts: {
+        secretSignKey: Uint8Array;
+        secretBoxKey: Uint8Array;
+        sessions: LocalStorage<UserId, KeySession>;
+        keyExchange: LocalStorage<string, Crypto.KeyPair>;
+        users: LocalStorage<UserId, IdentityKeys>;
+    });
+    encryptData(data: Uint8Array, userId: string): Promise<EncryptedData>;
+    decryptData(data: Uint8Array, userId: string): Promise<Uint8Array>;
+    protected digestToken(auth?: string): Promise<{
+        identityKeys: IdentityKeys;
+        userId: UserId;
+    }>;
+    createToken(publicKey: Uint8Array): string;
+    protected packDatagrams(messages: Datagram[]): Uint8Array;
+    protected unpackDatagrams(data: Uint8Array): Datagram[];
+    get identityKeys(): {
+        readonly publicKey: string;
+        readonly identityKey: string;
+        encode(): Uint8Array;
+        toString(): string;
+        toJSON(): string;
+    };
+    static createSecretIdentityKeys(): {
+        secretSignKey: Uint8Array;
+        secretBoxKey: Uint8Array;
+    };
+}

package/api.js

@@ -0,0 +1,118 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FreeSignalAPI = void 0;
+const crypto_1 = __importDefault(require("@freesignal/crypto"));
+const x3dh_1 = require("./x3dh");
+const utils_1 = require("@freesignal/utils");
+const types_1 = require("./types");
+const fflate_1 = __importDefault(require("fflate"));
+class FreeSignalAPI {
+    constructor(opts) {
+        const { secretSignKey, secretBoxKey, sessions, keyExchange, users } = opts;
+        this.signKey = crypto_1.default.EdDSA.keyPair(secretSignKey);
+        this.boxKey = crypto_1.default.ECDH.keyPair(secretBoxKey);
+        this.sessions = sessions;
+        this.keyExchange = new x3dh_1.KeyExchange(secretSignKey, secretBoxKey, keyExchange);
+        this.users = users;
+    }
+    encryptData(data, userId) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const session = yield this.sessions.get(userId);
+            if (!session)
+                throw new Error('Session not found for user: ' + userId);
+            const encrypted = session.encrypt(data);
+            this.sessions.set(userId, session); // Ensure session is updated
+            return encrypted;
+        });
+    }
+    decryptData(data, userId) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const session = yield this.sessions.get(userId);
+            if (!session)
+                throw new Error('Session not found for user: ' + userId);
+            const decrypted = session.decrypt(data);
+            if (!decrypted)
+                throw new Error('Decryption failed for user: ' + userId);
+            this.sessions.set(userId, session); // Ensure session is updated
+            return decrypted;
+        });
+    }
+    digestToken(auth) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (auth && auth.startsWith("Bearer ")) {
+                const [userId, sharedId] = auth.substring(7).split(":");
+                const identityKeys = yield this.users.get(userId);
+                if (!identityKeys)
+                    throw new Error('User not found or invalid auth token');
+                if ((0, utils_1.verifyUint8Array)(crypto_1.default.hash(crypto_1.default.ECDH.sharedKey((0, utils_1.decodeBase64)(identityKeys.publicKey), this.boxKey.secretKey)), (0, utils_1.decodeBase64)(sharedId)))
+                    return { identityKeys, userId: auth };
+                else
+                    throw new Error('Authorization token not valid');
+            }
+            throw new Error('Authorization header is required');
+        });
+    }
+    createToken(publicKey) {
+        const sharedId = crypto_1.default.hash(crypto_1.default.ECDH.sharedKey(publicKey, this.boxKey.secretKey));
+        const userId = crypto_1.default.hash(this.signKey.publicKey);
+        return `Bearer ${(0, utils_1.encodeBase64)(userId)}:${(0, utils_1.encodeBase64)(sharedId)}`;
+    }
+    ;
+    packDatagrams(messages) {
+        return fflate_1.default.deflateSync((0, utils_1.concatUint8Array)(...messages.flatMap(datagram => {
+            const encoded = types_1.Datagram.from(datagram).encode();
+            return [(0, utils_1.numberToUint8Array)(encoded.length, 8), encoded];
+        })));
+    }
+    unpackDatagrams(data) {
+        const messages = [];
+        let offset = 0;
+        data = fflate_1.default.inflateSync(data);
+        while (offset < data.length) {
+            const length = data.subarray(offset, offset + 8);
+            if (length.length < 8) {
+                throw new Error('Invalid message length');
+            }
+            const messageLength = (0, utils_1.numberFromUint8Array)(length);
+            offset += 8;
+            if (offset + messageLength > data.length) {
+                throw new Error('Invalid message length');
+            }
+            const messageData = data.subarray(offset, offset + messageLength);
+            offset += messageLength;
+            try {
+                const datagram = types_1.Datagram.from(messageData);
+                messages.push(datagram);
+            }
+            catch (error) {
+                throw new Error('Invalid datagram format');
+            }
+        }
+        return messages;
+    }
+    get identityKeys() {
+        return types_1.IdentityKeys.from({
+            publicKey: (0, utils_1.encodeBase64)(this.signKey.publicKey),
+            identityKey: (0, utils_1.encodeBase64)(this.boxKey.publicKey)
+        });
+    }
+    static createSecretIdentityKeys() {
+        return {
+            secretSignKey: crypto_1.default.EdDSA.keyPair().secretKey,
+            secretBoxKey: crypto_1.default.ECDH.keyPair().secretKey
+        };
+    }
+}
+exports.FreeSignalAPI = FreeSignalAPI;

package/double-ratchet.d.ts

@@ -16,7 +16,7 @@
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <https://www.gnu.org/licenses/>
  */
-import { Encodable } from "./types";
+import { EncryptedData } from "./types";
 type ExportedKeySession = {
     secretKey: string;
     remoteKey: string;
@@ -98,59 +98,4 @@ export declare class KeySession {
     static readonly keyLength = 32;
     private static symmetricRatchet;
 }
-/**
- * Interface representing an encrypted payload.
- * Provides metadata and de/serialization methods.
- */
-export interface EncryptedData extends Encodable {
-    /**
-     * The length of the payload.
-     */
-    readonly length: number;
-    /**
-     * Version of the payload.
-     */
-    readonly version: number;
-    /**
-     * The current message count of the sending chain.
-     */
-    readonly count: number;
-    /**
-     * The count of the previous sending chain.
-     */
-    readonly previous: number;
-    /**
-     * The sender's public key used for this message.
-     */
-    readonly publicKey: Uint8Array;
-    /**
-     * The nonce used during encryption.
-     */
-    readonly nonce: Uint8Array;
-    /**
-     * The encrypted message content.
-     */
-    readonly ciphertext: Uint8Array;
-    /**
-     * Serializes the payload into a Uint8Array for transport.
-     */
-    encode(): Uint8Array;
-    /**
-     * Returns the payload as a Base64 string.
-     */
-    toString(): string;
-    /**
-     * Returns the decoded object as a JSON string.
-     */
-    toJSON(): string;
-}
-export declare class EncryptedData {
-    /**
-     * Static factory method that constructs an `EncryptedPayload` from a raw Uint8Array.
-     *
-     * @param array - A previously serialized encrypted payload.
-     * @returns An instance of `EncryptedPayload`.
-     */
-    static from(array: Uint8Array | EncryptedData): EncryptedData;
-}
 export {};

package/double-ratchet.js

@@ -21,9 +21,10 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.EncryptedData = exports.KeySession = void 0;
-const crypto_1 = __importDefault(require("./crypto"));
-const utils_1 = require("./utils");
+exports.KeySession = void 0;
+const crypto_1 = __importDefault(require("@freesignal/crypto"));
+const utils_1 = require("@freesignal/utils");
+const types_1 = require("./types");
 /**
  * Represents a secure Double Ratchet session.
  * Used for forward-secure encryption and decryption of messages.
@@ -57,12 +58,12 @@ class KeySession {
     setRemoteKey(key) {
         this._remoteKey = key;
         this.receivingChain = this.ratchetKeys();
-        if (this.receivingCount > (EncryptedDataConstructor.maxCount - KeySession.skipLimit * 2))
+        if (this.receivingCount > (types_1.EncryptedDataConstructor.maxCount - KeySession.skipLimit * 2))
             this.receivingCount = 0;
         this.previousCount = this.sendingCount;
         this.keyPair = crypto_1.default.ECDH.keyPair();
         this.sendingChain = this.ratchetKeys();
-        if (this.sendingCount > (EncryptedDataConstructor.maxCount - KeySession.skipLimit * 2))
+        if (this.sendingCount > (types_1.EncryptedDataConstructor.maxCount - KeySession.skipLimit * 2))
             this.sendingCount = 0;
         return this;
     }
@@ -100,11 +101,11 @@ class KeySession {
      */
     encrypt(message) {
         const key = this.getSendingKey();
-        if (this.sendingCount >= EncryptedDataConstructor.maxCount || this.previousCount >= EncryptedDataConstructor.maxCount)
+        if (this.sendingCount >= types_1.EncryptedDataConstructor.maxCount || this.previousCount >= types_1.EncryptedDataConstructor.maxCount)
             throw new Error();
-        const nonce = crypto_1.default.randomBytes(EncryptedDataConstructor.nonceLength);
+        const nonce = crypto_1.default.randomBytes(types_1.EncryptedDataConstructor.nonceLength);
         const ciphertext = crypto_1.default.box.encrypt(message, nonce, key);
-        return new EncryptedDataConstructor(this.sendingCount, this.previousCount, this.keyPair.publicKey, nonce, ciphertext);
+        return new types_1.EncryptedDataConstructor(this.sendingCount, this.previousCount, this.keyPair.publicKey, nonce, ciphertext);
     }
     /**
      * Decrypts an encrypted message.
@@ -114,7 +115,7 @@ class KeySession {
      */
     decrypt(payload) {
         var _a;
-        const encrypted = EncryptedData.from(payload);
+        const encrypted = types_1.EncryptedData.from(payload);
         const publicKey = encrypted.publicKey;
         if (!(0, utils_1.verifyUint8Array)(publicKey, this._remoteKey)) {
             while (this.receivingCount < encrypted.previous)
@@ -188,94 +189,6 @@ KeySession.rootKeyLength = crypto_1.default.box.keyLength;
  * Typically 32 bytes (256 bits) for symmetric keys.
  */
 KeySession.keyLength = 32;
-class EncryptedData {
-    /**
-     * Static factory method that constructs an `EncryptedPayload` from a raw Uint8Array.
-     *
-     * @param array - A previously serialized encrypted payload.
-     * @returns An instance of `EncryptedPayload`.
-     */
-    static from(array) {
-        return new EncryptedDataConstructor(array);
-    }
-}
-exports.EncryptedData = EncryptedData;
-class EncryptedDataConstructor {
-    constructor(...arrays) {
-        arrays = arrays.filter(value => value !== undefined);
-        if (arrays[0] instanceof EncryptedDataConstructor) {
-            this.raw = arrays[0].raw;
-            return this;
-        }
-        if (typeof arrays[0] === 'number')
-            arrays[0] = (0, utils_1.numberToUint8Array)(arrays[0], EncryptedDataConstructor.countLength);
-        if (typeof arrays[1] === 'number')
-            arrays[1] = (0, utils_1.numberToUint8Array)(arrays[1], EncryptedDataConstructor.countLength);
-        if (arrays.length === 6) {
-            arrays.unshift(typeof arrays[5] === 'number' ? (0, utils_1.numberToUint8Array)(arrays[5]) : arrays[5]);
-            arrays.pop();
-        }
-        else if (arrays.length > 1) {
-            arrays.unshift((0, utils_1.numberToUint8Array)(KeySession.version));
-        }
-        this.raw = (0, utils_1.concatUint8Array)(...arrays);
-    }
-    get length() { return this.raw.length; }
-    get version() { return (0, utils_1.numberFromUint8Array)(new Uint8Array(this.raw.buffer, ...Offsets.version.get)); }
-    get count() { return (0, utils_1.numberFromUint8Array)(new Uint8Array(this.raw.buffer, ...Offsets.count.get)); }
-    get previous() { return (0, utils_1.numberFromUint8Array)(new Uint8Array(this.raw.buffer, ...Offsets.previous.get)); }
-    get publicKey() { return new Uint8Array(this.raw.buffer, ...Offsets.publicKey.get); }
-    get nonce() { return new Uint8Array(this.raw.buffer, ...Offsets.nonce.get); }
-    get ciphertext() { return new Uint8Array(this.raw.buffer, Offsets.ciphertext.start); }
-    encode() {
-        return this.raw;
-    }
-    decode() {
-        return {
-            version: this.version,
-            count: this.count,
-            previous: this.previous,
-            publicKey: (0, utils_1.encodeBase64)(this.publicKey),
-            nonce: (0, utils_1.encodeBase64)(this.nonce),
-            ciphertext: (0, utils_1.encodeBase64)(this.ciphertext)
-        };
-    }
-    toString() {
-        return (0, utils_1.encodeBase64)(this.raw);
-    }
-    toJSON() {
-        return JSON.stringify(this.decode());
-    }
-}
-EncryptedDataConstructor.secretKeyLength = crypto_1.default.ECDH.secretKeyLength;
-EncryptedDataConstructor.publicKeyLength = crypto_1.default.ECDH.publicKeyLength;
-EncryptedDataConstructor.keyLength = crypto_1.default.box.keyLength;
-EncryptedDataConstructor.nonceLength = crypto_1.default.box.nonceLength;
-EncryptedDataConstructor.maxCount = 65536; //32768;
-EncryptedDataConstructor.countLength = 2;
-class Offsets {
-    static set(start, length) {
-        class Offset {
-            constructor(start, length) {
-                this.start = start;
-                this.length = length;
-                if (typeof length === 'number')
-                    this.end = start + length;
-            }
-            get get() {
-                return [this.start, this.length];
-            }
-        }
-        return new Offset(start, length);
-    }
-}
-Offsets.checksum = Offsets.set(0, 0);
-Offsets.version = Offsets.set(Offsets.checksum.end, 1);
-Offsets.count = Offsets.set(Offsets.version.end, EncryptedDataConstructor.countLength);
-Offsets.previous = Offsets.set(Offsets.count.end, EncryptedDataConstructor.countLength);
-Offsets.publicKey = Offsets.set(Offsets.previous.end, EncryptedDataConstructor.publicKeyLength);
-Offsets.nonce = Offsets.set(Offsets.publicKey.end, EncryptedDataConstructor.nonceLength);
-Offsets.ciphertext = Offsets.set(Offsets.nonce.end, undefined);
 class KeyMap extends Map {
     get(key) {
         const out = super.get(key);

package/index.d.ts

@@ -16,10 +16,12 @@
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <https://www.gnu.org/licenses/>
  */
-import crypto from "./crypto";
-import { LocalStorage } from "./types";
+import crypto from "@freesignal/crypto";
+import { LocalStorage, Crypto } from "@freesignal/interfaces";
 import { KeySession } from "./double-ratchet";
 import { KeyExchange } from "./x3dh";
+import { IdentityKeys, UserId } from "./types";
+import { FreeSignalAPI } from "./api";
 /**
  * Creates a new Double Ratchet session.
  *
@@ -41,6 +43,11 @@ export declare function createKeySession(opts?: {
  * @returns A new X3DH session.
  */
 export declare function createKeyExchange(signSecretKey: Uint8Array, boxSecretKey: Uint8Array, bundleStore?: LocalStorage<string, crypto.KeyPair>): KeyExchange;
-export * from "./types";
-export { Datagram } from "./data";
-export { EncryptedData } from "./double-ratchet";
+export declare function createAPI(opts: {
+    secretSignKey: Uint8Array;
+    secretBoxKey: Uint8Array;
+    sessions: LocalStorage<UserId, KeySession>;
+    keyExchange: LocalStorage<string, Crypto.KeyPair>;
+    users: LocalStorage<UserId, IdentityKeys>;
+}): FreeSignalAPI;
+export { IdentityKeys, Protocols, EncryptedData, Datagram } from "./types";

package/index.js

@@ -17,26 +17,14 @@
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <https://www.gnu.org/licenses/>
  */
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __exportStar = (this && this.__exportStar) || function(m, exports) {
-    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
-};
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.EncryptedData = exports.Datagram = void 0;
+exports.Datagram = exports.EncryptedData = exports.Protocols = exports.IdentityKeys = void 0;
 exports.createKeySession = createKeySession;
 exports.createKeyExchange = createKeyExchange;
+exports.createAPI = createAPI;
 const double_ratchet_1 = require("./double-ratchet");
 const x3dh_1 = require("./x3dh");
+const api_1 = require("./api");
 /**
  * Creates a new Double Ratchet session.
  *
@@ -58,8 +46,11 @@ function createKeySession(opts) {
 function createKeyExchange(signSecretKey, boxSecretKey, bundleStore) {
     return new x3dh_1.KeyExchange(signSecretKey, boxSecretKey, bundleStore);
 }
-__exportStar(require("./types"), exports);
-var data_1 = require("./data");
-Object.defineProperty(exports, "Datagram", { enumerable: true, get: function () { return data_1.Datagram; } });
-var double_ratchet_2 = require("./double-ratchet");
-Object.defineProperty(exports, "EncryptedData", { enumerable: true, get: function () { return double_ratchet_2.EncryptedData; } });
+function createAPI(opts) {
+    return new api_1.FreeSignalAPI(opts);
+}
+var types_1 = require("./types");
+Object.defineProperty(exports, "IdentityKeys", { enumerable: true, get: function () { return types_1.IdentityKeys; } });
+Object.defineProperty(exports, "Protocols", { enumerable: true, get: function () { return types_1.Protocols; } });
+Object.defineProperty(exports, "EncryptedData", { enumerable: true, get: function () { return types_1.EncryptedData; } });
+Object.defineProperty(exports, "Datagram", { enumerable: true, get: function () { return types_1.Datagram; } });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@freesignal/protocol",
-  "version": "0.1.8",
+  "version": "0.2.0",
   "description": "Signal Protocol implementation in javascript",
   "license": "GPL-3.0-or-later",
   "author": "Christian Braghette",
@@ -11,6 +11,9 @@
     "build": "tsc && node ./build/build.js"
   },
   "dependencies": {
+    "@freesignal/crypto": "^0.3.0",
+    "@freesignal/interfaces": "^0.1.1",
+    "@freesignal/utils": "^1.0.2",
     "base64-js": "^1.5.1",
     "fflate": "^0.8.2",
     "js-sha3": "^0.9.3",

package/test.js

@@ -4,10 +4,8 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 const _1 = require(".");
-const crypto_1 = __importDefault(require("./crypto"));
-const data_1 = require("./data");
-const utils_1 = require("./utils");
-const types_1 = require("./types");
+const crypto_1 = __importDefault(require("@freesignal/crypto"));
+const utils_1 = require("@freesignal/utils");
 const bob = (0, _1.createKeyExchange)(crypto_1.default.EdDSA.keyPair().secretKey, crypto_1.default.ECDH.keyPair().secretKey);
 const alice = (0, _1.createKeyExchange)(crypto_1.default.EdDSA.keyPair().secretKey, crypto_1.default.ECDH.keyPair().secretKey);
 const bobmessage = bob.generateData();
@@ -16,15 +14,15 @@ bob.digestMessage(aliceack).then(({ session: bobsession, cleartext }) => {
     var _a;
     if (bobsession && cleartext) {
         console.log("Session established successfully between Alice and Bob.");
-        const datagram = data_1.Datagram.create(bob.signatureKey, alice.signatureKey, types_1.Protocols.MESSAGE, (_a = bobsession.encrypt((0, utils_1.decodeUTF8)("Hi Alice!"))) === null || _a === void 0 ? void 0 : _a.encode());
+        const datagram = _1.Datagram.create(bob.signatureKey, alice.signatureKey, _1.Protocols.MESSAGE, (_a = bobsession.encrypt((0, utils_1.decodeUTF8)("Hi Alice!"))) === null || _a === void 0 ? void 0 : _a.encode());
         //console.log(datagram.payload);
         const msg = datagram.encode();
-        console.log((0, utils_1.encodeUTF8)(alicesession.decrypt(data_1.Datagram.from(msg).payload)));
+        console.log((0, utils_1.encodeUTF8)(alicesession.decrypt(_1.Datagram.from(msg).payload)));
         if (alicesession.handshaked && bobsession.handshaked)
             console.log("Successfully handshaked");
         else
             console.log("Error during handshake");
-        const longmsg = data_1.Datagram.create(alice.signatureKey, bob.signatureKey, types_1.Protocols.MESSAGE, alicesession.encrypt(new Uint8Array(1000000).fill(33).map(val => val + Math.floor(Math.random() * 93))));
+        const longmsg = _1.Datagram.create(alice.signatureKey, bob.signatureKey, _1.Protocols.MESSAGE, alicesession.encrypt(new Uint8Array(1000000).fill(33).map(val => val + Math.floor(Math.random() * 93))));
         console.log(longmsg.encode().length);
         console.log(longmsg.encode(false).length);
     }